AUTHENTICATION USING BIOMETRIC TECHNOLOGY THROUGH A CONSUMER DEVICE
Embodiments of the invention provide strong user authentication on a consumer device without requiring the user to go through a formal registration process with the issuer or processing network. Certain embodiments allow the use of any biometric technology (e.g., fingerprint scan, iris scan, voice recognition, etc.) supported by their consumer device (e.g., smart phone, tablet computer, personal computer) to authenticate the user. Additionally, the consumer device provides unforgeable evidence of the biometric match in the form of a biometric digital artifact to provide proof to a processing network that the match occurred. The processing network maintains a history of these authenticated transactions and biometric digital artifacts and as more and more non-fraudulent authenticated transactions occur over time, a higher level of trust (i.e., lower risk) is associated with the consumer device, biometric registration process, and the user.
The present application is a continuation-in-part of and claims priority to U.S. patent application Ser. No. 13/785,586, filed on Mar. 5, 2013 (Attorney Docket No.: 79900-864282-020600USNP), which is a non-provisional application of and claims priority to U.S. Provisional Application No. 61/606,892, filed on Mar. 5, 2012 (Attorney Docket No.: 79900-824620(020600USP1)), the entire contents of which are herein incorporated by reference for all purposes.
BACKGROUND
Fraud in the consumer transaction service industry is a problem. For instance, many consumer transactions can now be completed using a consumer device (e.g., a mobile phone) without the use of a physical payment card. A user may initiate a payment transaction from a consumer device at a point-of-sale terminal or in a remote payment environment. Some consumer-device-initiated transactions without a physical payment card may require biometric authentication to verify the identity of the paying user. However, in some cases a forger can duplicate the user's biometric and complete a fraudulent transaction using the payment card details of that user.
Additionally, inconvenience and inefficiency are other problems associated with biometric authentication. Biometric authentication may require long processing times due to having to accurately match the user biometric data against a database of the user's registered biometric data. This delay in processing may cause inconvenience for the user who wishes to complete the transaction from the consumer device. Furthermore, the hosting of biometric data for millions of consumers on a central computer would be daunting along with risks and liabilities of having all biometric data in a central location.
Embodiments of the invention address these and other problems.
SUMMARY
Embodiments of the invention, broadly described, allow for user authentication using biometric technology through a consumer device. More specifically, the invention pertains to transactions initiated from a consumer device, such as a mobile phone or personal computer, in both face-to-face and remote payment environments.
Embodiments of the invention relate to systems and methods for authenticating a user at a consumer device and authenticating a user at a server computer. Embodiments of the invention provide strong user authentication on a trusted consumer device without requiring the user to go through a formal registration process with the issuer or payment processing network. Certain embodiments allow the use of any biometric technology (e.g., fingerprint scan, iris scan, voice recognition, etc.) supported by their consumer device (e.g., smart phone, tablet computer) to authenticate the user. Additionally, the consumer device provides unforgeable evidence of the biometric match in the form of a unique digital signature to provide proof to a payment processing network that the match occurred. The payment processing network maintains a history of these authenticated transactions and unique digital signatures and as more and more non-fraudulent authenticated transactions occur over time, a higher level of trust (i.e., lower risk) is associated with the consumer device, biometric registration process, and the user.
In certain embodiments, the consumer device supports biometric capability via a dedicated sensor (e.g., fingerprint reader) or existing sensor (e.g., camera or microphone for iris recognition, voice recognition, etc.). The user registers their biometric data locally on the consumer device using software that provides this service. When a payment transaction requiring user authentication is to be performed, the user performs the necessary step(s) to have their biometric read (e.g., swipe their finger on the fingerprint sensor, speak into a microphone, etc.). In some embodiments, the biometric software performs the match on the device and uses an algorithm to generate a unique biometric digital artifact based on the biometric authentication. Any suitable artifact generation algorithm can be used. The artifact is verifiable by a server computer in a payment processing network and is unique with each transaction. The consumer device transmits the unique biometric digital artifact to the payment processing network along with the consumer device's disposition (e.g., biometric match or no match). The payment processing network verifies the artifact and records the fact that this verification occurred. In some embodiments, each time the user performs a transaction, this verification step occurs. Over time, this particular user authentication process is trusted more and more as long as the account remains non-fraudulent. The trust increases on each subsequent transaction as long as the consumer device consistently provides unique data that continues to be verified. This process provides strong proof that the biometric matching is occurring and the user is indeed performing the transactions.
One embodiment of the invention discloses a computer implemented method for authenticating a user at a consumer device, comprising: receiving a first biometric data of a user; comparing the first biometric data with a second biometric data of the user; determining, from the comparison, whether the first biometric data and the second biometric data match according to a predetermined threshold; and creating a biometric digital artifact based on the first biometric data, wherein the biometric digital artifact includes information regarding a type of biometric data received and the determination.
One embodiment of the invention discloses a computer-implemented method for authenticating a user at a server computer, comprising: receiving payment information and a biometric digital artifact, wherein the biometric digital artifact is generated by a consumer device and comprises information regarding a type of biometric data, and a determination of a data match between a first biometric data of a user and a second biometric data of a user; holding the biometric digital artifact in a queue for a predetermined period of time; determining that the biometric digital artifact is valid; and updating a user profile with the biometric digital artifact based on the determination.
Further details regarding embodiments of the invention can be found in the Detailed Description and the Figures.
Prior to discussing the specific embodiments of the invention, a further description of some terms can be provided for a better understanding of embodiments of the invention.
A “payment device” may include any suitable device capable of making a payment. For example, a payment device can include a card including a credit card, debit card, charge card, gift card, or any combination thereof. A payment device can be used in conjunction with a consumer device, as further defined below.
A “payment processing network” may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network is VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNet™ in particular includes a VIP system (Visa Integrated Payments system), which processes authorization requests, and a Base II system, which performs clearing and settlement services.
An “authorization request message” may be an electronic message that is sent to a payment processing network and/or an issuer of a payment card to request authorization for a transaction. An authorization request message according to some embodiments may comply with ISO 8583, the International Organization for Standardization's standard for systems that exchange electronic transaction information associated with a payment made by a consumer using a payment device or payment account. The authorization request message may include an issuer account identifier that may be associated with a payment device or payment account. An authorization request message may also comprise additional data elements corresponding to “identification information” including, by way of example only: a service code, a CVV (card verification value), a dCVV (dynamic card verification value), an expiration date, etc. An authorization request message may also comprise “transaction information,” such as any information associated with the current transaction (the transaction amount, merchant identifier, merchant location, etc.), as well as any other information that may be utilized in determining whether to identify and/or authorize a transaction.
An “authorization response message” may be an electronic message reply to an authorization request message generated by an issuing financial institution or a payment processing network. The authorization response message may include, by way of example only, one or more of the following status indicators: Approval—transaction was approved; Decline—transaction was not approved; or Call Center—response pending more information, merchant must call the toll-free authorization phone number. The authorization response message may also include an authorization code, which may be a code that a credit card issuing bank returns in response to an authorization request message in an electronic message (either directly or through the payment processing network) to the merchant's access device (e.g. POS equipment) that indicates approval of the transaction. The code may serve as proof of authorization. As noted above, in some embodiments, a payment processing network may generate or forward the authorization response message to the merchant.
As used herein, a “communications channel” may refer to any suitable path for communication between two or more entities. Suitable communications channels may be present directly between two entities, such as a payment processing network and a merchant or issuer computer, or may pass through a number of different entities. Any suitable communications protocols may be used for generating a communications channel. A communications channel may in some instances comprise a “secure communications channel,” which may be established in any known manner, including the use of mutual authentication and a session key and establishment of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) session. However, any method of creating a secure channel may be used. By establishing a secure channel, sensitive information related to a payment device (such as account numbers, CVV values, expiration dates, etc.) may be securely transmitted between the two or more entities to facilitate a transaction. Note that the secure channel protects the data in transit; it does not by itself prove that a biometric match occurred on the device, which is the role of the biometric digital artifact described below.
A “server computer” can be a powerful computer or a cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a Web server.
A “terminal” (e.g. a point-of-service (POS) terminal) can be any suitable device configured to process payment transactions such as credit card or debit card transactions, or electronic settlement transactions, and may have optical, electrical, or magnetic readers for reading data from other portable consumer devices such as smart cards, keychain device, cell phones, payment cards, security cards, access cards, and the like.
An “acquirer” is a business entity (e.g., a commercial bank) that typically has a business relationship with the merchant and receives some or all of the transactions from that merchant.
An “issuer” is a business entity which issues a card to a user. Typically, an issuer is a financial institution.
A “cardholder” is an individual who is authorized to use a payment card issued by the issuer. The terms “cardholder” and “user” may be used interchangeably in the following description. A “user” and/or “cardholder” may be any competent individual.
“Biometric data” includes data that can be used to uniquely identify an individual based upon one or more intrinsic physical or behavioral traits. For example, biometric data may include fingerprint data and retinal scan data. Further examples of biometric data include digital photographic data (e.g., facial recognition data), deoxyribonucleic acid (DNA) data, palm print data, hand geometry data, and iris recognition data.
A “predetermined correlation,” as described herein, can be a relationship between received input data and stored data. In the context of the present invention, the received input data can be a first set of biometric data from a user. The stored data can be a previously stored biometric data of the user. The predetermined correlation can be a previously set threshold that identifies or quantifies to what degree the received input data and the previously stored input data should match. If the received input data and the previously stored input data match according to the predetermined threshold or “correlation”, then the data is considered a match. Alternatively, the correlation can determine a “risk factor” associated with the input data. A high correlation can constitute a low risk factor and a low correlation can constitute a high risk factor. To illustrate correlation, fingerprints, for example, contain a certain number of identifying features. If a high number of identifying features of a fingerprint are matched to a stored fingerprint, then the probability that both fingerprints are from the same person may be high (e.g., low risk). Similarly, if few identifying features match between the two fingerprints, then the probability that they are from the same person is low (e.g., high risk). Setting the appropriate threshold to ensure an acceptable level of accuracy would be appreciated by one of ordinary skill in the art. This concept can be applied to other biometric data (e.g., retinal scans, facial recognition data, etc.).
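The threshold decision described above, as an added example that is not part of the patent: a small Python matcher counts the minutiae of a candidate fingerprint scan that fall within a position and angle tolerance of a stored template, turns the fraction matched into the correlation, and applies a predetermined threshold to produce both the match decision and the risk factor. The minutiae representation, the tolerances, the threshold value and the sample scans are all constructed assumptions; production matchers use far more elaborate alignment, and the threshold must be set against measured false-accept and false-reject rates rather than chosen by hand.

```python
import math

POSITION_TOL = 6.0   # pixels a candidate minutia may sit from the template's (assumed)
ANGLE_TOL = 15.0     # degrees of ridge-direction difference tolerated (assumed)
THRESHOLD = 0.6      # predetermined correlation required for a match (assumed)

# Constructed sample data: minutiae as (x, y, angle_degrees) tuples.
TEMPLATE = [(10, 10, 0), (20, 35, 45), (40, 12, 90), (55, 60, 135), (70, 22, 180),
            (85, 48, 225), (30, 70, 270), (60, 85, 315), (90, 90, 30), (15, 50, 60)]
# Genuine re-scan: same finger, slight shift and rotation, one minutia missed, one spurious.
GENUINE = [(x + 2, y - 1, a + 5) for (x, y, a) in TEMPLATE[:-1]] + [(100, 5, 200)]
# Impostor: a different finger whose minutiae happen to lie in the same region.
IMPOSTOR = [(x + 30, y + 32, (a + 90) % 360) for (x, y, a) in TEMPLATE]


def _angle_diff(a: float, b: float) -> float:
    """Smallest difference between two directions on a 360-degree circle."""
    d = abs(a - b) % 360
    return min(d, 360 - d)


def matched_minutiae(template, candidate) -> int:
    """Greedy one-to-one pairing: each template minutia matches at most one candidate."""
    used, count = set(), 0
    for tx, ty, ta in template:
        for j, (cx, cy, ca) in enumerate(candidate):
            if j in used:
                continue
            if math.hypot(tx - cx, ty - cy) <= POSITION_TOL and _angle_diff(ta, ca) <= ANGLE_TOL:
                used.add(j)
                count += 1
                break
    return count


def correlation(template, candidate) -> float:
    """Fraction of template minutiae found in the candidate (0.0 .. 1.0)."""
    return matched_minutiae(template, candidate) / len(template) if template else 0.0


def decide(template, candidate, threshold: float = THRESHOLD) -> dict:
    """Apply the predetermined threshold; the risk factor is the complement of correlation."""
    c = correlation(template, candidate)
    return {"correlation": round(c, 3), "match": c >= threshold, "risk_factor": round(1 - c, 3)}
```

With these samples the genuine re-scan matches 9 of 10 template minutiae (correlation 0.9, risk factor 0.1) and the impostor matches none, so the decision is clear at a threshold of 0.6; the interesting engineering lies in the band between, where lowering the threshold trades false rejects for false accepts.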
A “biometric digital artifact,” as described herein, can be a digital artifact or cryptographically generated value that provides information identifying a type of biometric used in an authentication process and whether a biometric match has occurred on a consumer device. The biometric digital artifact (BDA) can be a binary number or, in some embodiments, an analog signal. Each time a consumer device authenticates a user biometric, a new BDA is created by the consumer device that includes enough information to identify the biometric type and authentication result, yet is unique in that fraudulent copies of the BDA can be identified and invalidated. The biometric digital artifact may also be a synthesis of biometric data associated with a user.
A “consumer device,” as described herein, can be any consumer electronic device that can execute and/or support payment transaction including, but not limited to, a personal digital assistant (PDA), a smart phone, tablet computer, notebook computer, and the like.
In certain embodiments, the consumer device supports a biometric capability via a dedicated sensor (e.g., fingerprint reader) or existing sensor (e.g., camera or microphone for iris recognition, voice recognition, etc.). The user registers their biometric data locally on the consumer device using software that provides this service. When a payment transaction requiring user authentication is to be performed, the user performs the necessary step(s) to have their biometric read (e.g., swipe their finger on the fingerprint sensor, speak into a microphone, etc.). In some embodiments, the biometric software performs the match on the device and uses a proprietary algorithm to generate a unique biometric digital artifact based on the biometric authentication. The biometric digital artifact is verifiable by a payment processing network and is unique with each transaction. The consumer device transmits the unique biometric digital artifact to the payment processing network along with the consumer device's disposition (e.g., biometric match or no match). The server computer in the payment processing network (or other location) verifies the artifact and records the fact that this verification occurred. In some embodiments, each time the user performs a transaction, this verification step occurs. Over time, this particular user authentication process is trusted more and more as long as the account remains non-fraudulent. The trust increases on each subsequent transaction as long as the consumer device consistently provides unique data that continues to be verified. This process provides strong proof that the biometric matching is occurring and the user is indeed performing the transactions.
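The device/server exchange described in the summary and in the paragraph above, as an added example that is not the patent's or any vendor's code: the consumer device emits a biometric digital artifact carrying the biometric type, its match disposition, a counter and a nonce, authenticated so that the server can verify it; the server verifies each artifact, rejects copies (replays) and tampered artifacts, records every outcome in the user's fraud profile, and lowers the risk score on each verified match so that trust grows over time. The patent leaves the artifact algorithm open; this example assumes HMAC-SHA256 under a per-device key shared at device registration, chosen so that it runs with the Python standard library alone. A deployment wanting a true digital signature would replace the HMAC with a device-bound asymmetric key (for instance held in a secure element) so that the server stores only a public key. Field names, the freshness window and the risk-score decay factor are illustrative assumptions.

```python
import hashlib
import hmac
import json
import secrets


def _canonical(fields: dict) -> bytes:
    """Deterministic serialisation of every field except the MAC itself."""
    body = {k: v for k, v in fields.items() if k != "mac"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def _mac(key: bytes, fields: dict) -> str:
    # Assumption: HMAC-SHA256 under a per-device key stands in for the signature.
    return hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()


class ConsumerDevice:
    """Device side: holds the device key, a monotonic counter and the match result."""

    def __init__(self, device_id: str, device_key: bytes):
        self.device_id, self.device_key, self.counter = device_id, device_key, 0

    def make_artifact(self, biometric_type: str, matched: bool, now: int) -> dict:
        # A fresh nonce plus an incremented counter make every artifact unique,
        # so a captured copy can be recognised by the server.
        self.counter += 1
        fields = {
            "device_id": self.device_id,
            "biometric_type": biometric_type,   # e.g. "fingerprint", "voice"
            "match": matched,                   # the device's disposition
            "counter": self.counter,
            "nonce": secrets.token_hex(16),
            "issued_at": int(now),
        }
        fields["mac"] = _mac(self.device_key, fields)
        return fields


class ArtifactVerifier:
    """Server side: verifies artifacts, rejects replays, keeps a fraud profile."""

    MAX_SKEW = 300    # seconds of clock skew tolerated (assumption)
    RISK_DECAY = 0.8  # risk multiplier per verified match (assumption)

    def __init__(self):
        self.device_keys = {}     # device_id -> key shared at registration
        self.last_counter = {}    # device_id -> highest counter accepted so far
        self.seen_nonces = set()  # (device_id, nonce) pairs already accepted
        self.profiles = {}        # user -> {"history": [...], "risk_score": float}

    def register_device(self, device_id: str, key: bytes) -> None:
        self.device_keys[device_id] = key
        self.last_counter[device_id] = 0

    def _check(self, artifact: dict, now: int) -> str:
        device_id = artifact.get("device_id")
        key = self.device_keys.get(device_id)
        if key is None:
            return "unknown_device"
        if not hmac.compare_digest(_mac(key, artifact), artifact.get("mac", "")):
            return "bad_mac"          # forged or tampered artifact
        if abs(now - artifact["issued_at"]) > self.MAX_SKEW:
            return "stale"
        if artifact["counter"] <= self.last_counter[device_id]:
            return "replay_counter"   # copy of an artifact already accepted
        if (device_id, artifact["nonce"]) in self.seen_nonces:
            return "replay_nonce"     # device reused a nonce: treat as compromised
        # State is updated only after every check has passed.
        self.last_counter[device_id] = artifact["counter"]
        self.seen_nonces.add((device_id, artifact["nonce"]))
        return "verified"

    def verify(self, user: str, artifact: dict, now: int) -> str:
        """Verify one artifact, record the outcome and update the user's risk score."""
        outcome = self._check(artifact, now)
        profile = self.profiles.setdefault(user, {"history": [], "risk_score": 1.0})
        profile["history"].append({"time": int(now), "outcome": outcome,
                                   "biometric_type": artifact.get("biometric_type"),
                                   "match": artifact.get("match")})
        if outcome == "verified" and artifact["match"]:
            # Trust grows (risk falls) only on a verified, non-replayed match.
            profile["risk_score"] = round(profile["risk_score"] * self.RISK_DECAY, 4)
        elif outcome in ("bad_mac", "replay_counter", "replay_nonce"):
            profile["risk_score"] = 1.0   # evidence of a compromised device resets trust
        return outcome


def run_scenario() -> dict:
    """Constructed scenario: three honest transactions, then a replayed copy of the
    last artifact, then a tampered copy whose MAC no longer verifies."""
    key = secrets.token_bytes(32)
    device, server = ConsumerDevice("dev-01", key), ArtifactVerifier()
    server.register_device("dev-01", key)
    t0, outcomes, last = 1_700_000_000, [], None
    for i in range(3):
        last = device.make_artifact("fingerprint", True, now=t0 + 60 * i)
        outcomes.append(server.verify("alice", last, now=t0 + 60 * i + 1))
    risk_after_honest = server.profiles["alice"]["risk_score"]
    outcomes.append(server.verify("alice", dict(last), now=t0 + 200))   # replay
    tampered = dict(last, counter=last["counter"] + 1)                   # MAC now wrong
    outcomes.append(server.verify("alice", tampered, now=t0 + 200))
    return {"outcomes": outcomes, "risk_after_honest": risk_after_honest,
            "risk_score": server.profiles["alice"]["risk_score"]}
```

Running `run_scenario()` shows the risk score falling from 1.0 to 0.512 across three verified matches, then the replayed artifact rejected on its counter and the tampered one on its MAC, each resetting the score: the server never needs the biometric sample itself, only the artifact, which is the liability reduction the patent claims.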
The above examples highlight only a few of the advantages of using a biometric digital artifact to authenticate a user on a consumer device.
Other advantages of embodiments of the invention are technical advantages such as a reduction in the amount of data transmitted, which reduces the bandwidth consumed on communication networks. For example, because much of the biometric verification processing occurs in a distributed manner (e.g., on many mobile phones), the computational load on a central server computer is reduced. Further, in embodiments of the invention, the digital artifact transmitted to the central server computer is relatively small, so it is transmitted quickly. This compares favorably with transmitting a data-intensive biometric sample (e.g., an audio file for a voice sample) over a communication medium.
Other advantages of embodiments of the invention are security advantages. Because a server verifies every biometric digital artifact, a compromised consumer device becomes detectable (for example, one that submits a copy of an earlier artifact or artifacts that fail verification). Further, since the server does not store the biometric data for consumers, the liability and risk of a central biometric store are avoided.
I. Exemplary Systems
In an embodiment, the consumer device 110 is in electronic communication with the terminal 120. The consumer device 110 can be a personal digital assistant (PDA), a smart phone, tablet computer, notebook computer, or the like, that can execute and/or support payment transactions with a payment system 100. A consumer device 110 can be used in conjunction with a payment device, such as a credit card, debit card, charge card, gift card, or other payment device and/or any combination thereof. The combination of a payment device (e.g., credit card) and the consumer device 110 (e.g., smart phone) can be referred to as the consumer device 110 for illustrative purposes. In other embodiments, the consumer device 110 may be used in conjunction with transactions of currency or points (e.g., points accumulated in a particular software application). In further embodiments, the consumer device 110 may be a wireless device, a contactless device, a magnetic device, or other type of payment device that would be known and appreciated by one of ordinary skill in the art with the benefit of this disclosure. In some embodiments, the consumer device 110 includes software (e.g., application) to perform the various payment transactions, processing user biometric data, and generating a unique digital signature as further described below.
In some embodiments, the user biometric data may include fingerprint data, retinal scan data, digital photograph data (e.g., facial recognition data), DNA data, palm print data, hand geometry data, iris recognition data, or other similar biometric identifier that would be appreciated by one of ordinary skill in the art with the benefit of this disclosure.
The terminal 120 is configured to be in electronic communication with the consumer device 110 and the acquirer 130 via a merchant 125. In one embodiment, the terminal 120 is a point-of-service (POS) device. Alternatively, the terminal 120 can be any suitable device configured to process payment transactions such as credit card or debit card transactions, or electronic settlement transactions, and may have optical, electrical, or magnetic readers for reading data from portable consumer electronic devices such as smart cards, keychain devices, cell phones, payment cards, security cards, access cards, and the like. In some embodiments, the terminal 120 is located at and controlled by a merchant. For example, the terminal 120 can be a POS device at a grocery store checkout line. In other embodiments, the terminal could be a client computer or a mobile phone in the event that the user is conducting a remote transaction.
The acquirer 130 (e.g., an acquiring bank) includes an acquirer computer (not shown). The acquirer computer can be configured to transfer data (e.g., bank identification number (BIN), biometric digital artifact, etc.) and financial information to the payment processing network 140. In some embodiments, the acquirer 130 does not need to be present in the system 100 for the consumer device 110 to transfer the financial and user data to the payment processing network 140. In one non-limiting example, the acquirer 130 can additionally check the credentials of the user against a watch list in order to prevent fraud and money laundering schemes, as would be appreciated by one of ordinary skill in the art.
In one embodiment, the payment processing network 140 is VisaNet™, where the VIP system (Visa Integrated Payments system) performs the various payment processing network 140 or multi-lateral switch functions described herein. The payment processing network 140 can include an authorization and settlement server (not shown). The authorization and settlement server (“authorization server”) performs payment authorization functions. The authorization server is further configured to send authorization data to and receive it from the issuer 150. Furthermore, the payment processing network 140 can receive a unique digital signature (e.g., from the consumer device 110, terminal 120, or acquirer 130) to determine a risk factor associated with a transaction, as further described below.
In some embodiments, the issuer 150 is a business entity which issues a card to a cardholder. Typically, an issuer is a financial institution. The issuer 150 is configured to receive the authorization data from the payment processing network 140 (e.g., the authorization server). The issuer 150 receives authentication data from the authorization server and determines whether the user is authorized to perform a given financial transaction (e.g., cash deposit/withdrawal, money transfer, balance inquiry) based on whether the user was authenticated by an identification system.
In some embodiments, the consumer device 110 may be connected to and communicate with the payment processing network 140 via an interconnected network 160. One example of an interconnected network 160 is the Internet. The payment processing network 140 may inform the consumer device 110 when a payment has been successfully processed. In some embodiments, the payment processing network 140 may be connected to and communicate with the terminal 120 via the interconnected network 160. The payment processing network 140 may inform the terminal 120 when a payment has been successfully processed, after which the terminal 120 may complete the transaction with the consumer device 110.
A server computer 300 is also shown in
The interconnected network 160 may comprise one or more of a local area network, a wide area network, a metropolitan area network (MAN), an intranet, the Internet, a Public Land Mobile Network (PLMN), a telephone network, such as the Public Switched Telephone Network (PSTN) or a cellular telephone network (e.g., wireless Global System for Mobile Communications (GSM), wireless Code Division Multiple Access (CDMA), etc.), a VoIP network with mobile and/or fixed locations, a wireline network, or a combination of networks.
In a typical payment transaction in embodiments of the invention, a user may interact with the terminal 120 (e.g., with a payment device such as a payment card, or by entering payment information) to conduct a transaction with the merchant 125. The merchant 125 may operate a merchant computer, which may route an authorization request message to the acquirer 130, and eventually to the issuer 150 via the payment processing network 140.
The issuer 150 will then determine if the transaction is authorized (e.g., by checking for fraud and/or sufficient funds or credit). The issuer will then transmit an authorization response message to the terminal 120 via the payment processing network 140 and the acquirer 130.
At the end of the day, the transaction is cleared and settled between the acquirer 130 and the issuer 150 by the payment processing network 140.
The description below provides descriptions of other components in the system as well as authentication methods using biometric data. The authentication methods can be performed at any suitable point during the above-described transaction flow. For example, the biometric data authentication method may be performed before or after the user uses a payment device to interact with the terminal 120. If it is afterwards, then the authentication method may be performed when the authorization request message is received by the payment processing network 140 or the issuer 150.
Processor 210 may be any general-purpose processor operable to carry out instructions on the consumer device 110. The processor 210 is coupled to other units of the consumer device 110 including biometric sensor 220, display 230, input device 240, speaker 250, memory 260, and computer-readable medium 270.
Biometric sensor 220 is a sensor within consumer device 110 operable for detecting a user biometric. In one example, the biometric sensor 220 may be a fingerprint scanner on the consumer device 110 operable to scan a user's fingerprint and store its corresponding biometric data within memory 260. In another example, the biometric sensor 220 may be a microphone operable to record a user's voice sample and store its corresponding biometric data within the memory 260. In yet another example, the biometric sensor 220 may be a retinal scanning device operable to scan a user's retina and store its corresponding biometric data within the memory 260. The biometric data may be stored within the computer-readable medium 270 via processor 210.
Display 230 may be any device that displays information to a user. Examples may include an LCD screen, CRT monitor, or seven-segment display.
Input device 240 may be any device that accepts input from a user. Examples may include a keyboard, keypad, or mouse. In some embodiments, biometric sensor 220 may be considered an input device 240.
Speaker 250 may be any device that outputs sound to a user. Examples may include a built-in speaker or any other device that produces sound in response to an electrical audio signal. In some embodiments, speaker 250 may be used to request the user for a biometric input or to provide feedback on the progress of biometric detection.
Memory 260 may be any magnetic, electronic, or optical memory. Memory 260 includes two memory modules, module 1 262 and module 2 264. It can be appreciated that memory 260 may include any number of memory modules. An example of memory 260 may be dynamic random access memory (DRAM).
Computer-readable medium 270 may be any magnetic, electronic, optical, or other computer-readable storage medium. Computer-readable storage medium 270 includes registration module 272, biometric match determination module 274, biometric artifact generation module 276, and cryptography module 278. Computer-readable storage medium 270 may comprise any combination of volatile and/or non-volatile memory such as, for example, buffer memory, RAM, DRAM, ROM, flash, or any other suitable memory device, alone or in combination with other data storage devices.
Registration module 272 is configured to register a user with the consumer device 110. In some embodiments, a user may register his/her biometric data with the consumer device 110. The registration may be performed via biometric sensor 220. The registered user biometric data may be stored within memory 260. For example, consumer device 110 may request a user to register his/her biometric data by displaying a prompt, on display 230, to scan his/her index finger on biometric sensor 220 for purposes of registration. Upon scanning the user's finger on biometric sensor 220, the registered biometric data corresponding to the scanned fingerprint may be stored within memory 260 for future biometric authentication of the user.
Biometric match determination module 274 is configured to determine whether biometric data input by a user matches the biometric data previously registered for that user by the registration module 272. For example, if a user wishes to initiate a payment transaction, the consumer device 110 may request the user to provide his/her biometric data by displaying a prompt, on display 230, to scan his/her index finger on the biometric sensor 220. The scanned index finger and corresponding biometric data may be used for purposes of authenticating the user prior to initiating the payment transaction. The biometric match determination module 274 may then compare the biometric data corresponding to the scanned index finger to the previously registered biometric data of the user that is stored within memory 260. If a match is determined, a biometric digital artifact may be generated, as discussed below.
Biometric artifact generation module 276 is configured to generate a biometric digital artifact based on a determination of the match by the biometric match determination module 274. The biometric digital artifact may include information regarding the type of biometric data received by the biometric sensor 220 (e.g. voice biometric, fingerprint biometric, DNA biometric, etc.) and whether a match was determined by the biometric match determination module 274. Each time user biometric authentication is performed, the biometric digital artifact generated by the biometric artifact generation module 276 is unique to the user and the particular authentication instance. It is highly unlikely that two generated biometric digital artifacts will be identical.
Cryptography module 278 is configured to generate a cryptographic value of the biometric digital artifact. The cryptographically generated biometric digital artifact may then be sent by the consumer device 110 to a server computer for verification against an expected biometric digital artifact (described below).
The input/output (I/O) interface 310 is configured to receive and transmit data. For example, the I/O interface 310 may receive the biometric digital artifact from the consumer device 110.
Memory 320 may be any magnetic, electronic, or optical memory. It can be appreciated that memory 320 may include any number of memory modules. An example of memory 320 may be dynamic random access memory (DRAM).
Processor 330 may be any general-purpose processor operable to carry out instructions on the server computer 300. The processor 330 is coupled to other units of the server computer 300 including input/output interface 310, memory 320, temporary biometric artifact queue 340, user fraud profile database 350, and computer-readable medium 360.
Temporary biometric artifact queue 340 is configured to temporarily store the biometric digital artifacts generated by the biometric artifact generation module 276.
The user fraud profile database 350 is configured to store a fraud profile of a payment user. The fraud profile of a payment cardholder may include attributes such as, but not limited to, initiation date of the payment transaction, initiation time of the payment transaction, the payment cardholder's name, the biometric digital artifact associated with the payment transaction, the outcome of payment cardholder verification/authentication, and a variable risk score for the user. These attributes of the payment user's fraud profile are described in detail in
Computer-readable medium 360 may be any magnetic, electronic, optical, or other computer-readable storage medium. Computer-readable storage medium 360 includes biometric artifact validation module 362, biometric artifact manipulation module 364, risk score module 366, and payment processing module 368. Computer-readable storage medium 360 may comprise any combination of volatile and/or non-volatile memory such as, for example, buffer memory, RAM, DRAM, ROM, flash, or any other suitable memory device, alone or in combination with other data storage devices.
Biometric artifact validation module 362 is configured to determine whether the biometric digital artifact generated by the biometric artifact generation module 276 (
Biometric artifact manipulation module 364 is configured to temporarily store the generated biometric digital artifact in the temporary biometric artifact queue 340. As described above, the temporary biometric artifact queue 340 temporarily stores the biometric digital artifact for a predetermined period of time prior to storing the biometric digital artifact in the user fraud profile database 350. Upon expiration of the predetermined period of time, the biometric artifact manipulation module 364 may forward the biometric digital artifact from the temporary biometric artifact queue 340 to the user fraud profile database 350 for purposes of building the user fraud profile.
Risk score module 366 is configured to calculate and adjust a risk score associated with the payment user for each requested payment transaction. The risk score may be based on the number of valid biometric digital artifacts received without fraudulent activity. Upon each subsequently received valid biometric digital artifact, the risk score module 366 may adjust the risk score associated with the user that is stored within the user fraud profile database 350. For example, a relatively new payment user who may not have many registered valid biometric digital artifacts stored in the user fraud profile database 350 may have a higher risk score than a payment user who has a significantly higher number of valid biometric digital artifacts stored in the user fraud profile database 350. Each payment user's risk score may be adjusted lower upon each subsequent valid biometric digital artifact received.
Risk scores may also be generated using other criteria, such as the type of transaction being conducted (e.g., card present or card not present), the location of the transaction (e.g., close to the billing address or far from the billing address), the amount of the transaction (e.g., high transaction amount vs. low transaction amount), etc.
In certain embodiments, the user locally registers their biometric on the consumer device 110 using software that provides this service (e.g., a smart phone application). Biometric data can include fingerprint data, retinal scan data, digital photographic data (e.g., facial recognition data), deoxyribonucleic acid (DNA) data, palm print data, hand geometry data, iris recognition data, and voice recognition data.
At step 402, the user registers a voice biometric on the consumer device 110 by, for example, initially repeating a certain pass phrase (e.g., voice recognition biometric) into the phone to establish a first reference biometric (e.g., first biometric data). The consumer device 110 can utilize the first biometric data as a reference against which subsequent biometric input data is compared. The user's voice may be captured by the biometric sensor 220.
At step 404, the consumer device 110 stores the biometric data captured from the user. In some embodiments, the biometric data may be stored within memory 260.
At step 406, the consumer device 110 (e.g., smart phone) captures biometric data (e.g., second biometric data) from a user as he/she speaks into it. The user's voice may be captured by the biometric sensor 220.
At steps 408 and 410, the consumer device 110 locally compares the first and second set of biometric data and determines whether the biometric information matches according to a predetermined threshold (e.g., predetermined criteria, correlation, etc.). The predetermined threshold may identify or quantify how much the received input data (e.g., second set of biometric data) and the previously stored input data (e.g., first set of biometric data) should match. If the received input data and the previously stored input data match according to the predetermined threshold, then the data is considered a match. Alternatively, the correlation can determine a “risk factor” associated with the input data. A high correlation can constitute a low risk factor and a low correlation can constitute a high risk factor. Setting the appropriate threshold to ensure an acceptable level of accuracy would be appreciated by one of ordinary skill in the art. One example of a predetermined threshold can be a requirement for a particular number of matching features between two biometric inputs. In the example depicted in
At step 412, the consumer device 110 creates a unique biometric digital artifact based on the comparison between the first and second biometric data. The biometric digital artifact provides unforgeable evidence of the match between the first and second biometric data. In certain embodiments, the biometric digital artifact indicates the type of biometric used (e.g., fingerprint, voice scan, etc.) and whether there was a match or correlation between the two data sets.
At step 414, the consumer device 110 sends the payment card data (or alternatively payment account data) and biometric digital artifact to the payment processor network 140. In certain embodiments, steps 412 and 414 are parallel transactions and can occur substantially simultaneously with respect to each other. Alternatively, step 412 may occur before or after step 414. In further embodiments, the consumer device 110 can send the biometric digital artifact, consumer device verification method (CDVM), and authorization request to the terminal 120.
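The consumer-device side of the flow, covering modules 272 through 278 above and steps 402 through 414, as an added example that is not part of the patent: registration stores a reference feature set, the match test applies the predetermined threshold as a required count of matching features (as in claim 1) and also reports the correlation-derived risk factor, and the artifact carries the biometric type and outcome plus a cryptographic value. Everything below that the page does not specify is an assumption: a biometric sample is represented as a set of feature labels produced by some extractor (standing in for real minutiae or voiceprint extraction), and the cryptographic value is an HMAC-SHA256 tag under a per-device key that is provisioned to the server at enrolment. The names BiometricStore, artifact_tag, register, match and make_artifact are hypothetical.

```python
# Added example, not from the patent: consumer-device side of modules 272-278
# (registration, match determination, artifact generation, cryptography) and
# steps 402-414. Assumptions not stated on the page: a sample is reduced to a
# set of feature labels by some extractor (stand-in for minutiae / voiceprint
# extraction); the "cryptographic value" is an HMAC-SHA256 tag under a
# per-device key provisioned to the server at enrolment.
import hashlib
import hmac
import json
import os
import time
from dataclasses import dataclass, field


def artifact_tag(device_key: bytes, body: dict) -> str:
    """Cryptography module 278: tag over canonical JSON so that the device
    and the server authenticate exactly the same bytes."""
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(device_key, payload, hashlib.sha256).hexdigest()


@dataclass
class BiometricStore:
    """Registered templates held in memory 260 plus the device's key."""
    device_id: str
    device_key: bytes                                # assumed provisioning step
    templates: dict = field(default_factory=dict)    # biometric type -> feature set
    counter: int = 0                                 # per-instance uniqueness

    def register(self, bio_type: str, features: set) -> None:
        """Module 272 / steps 402-404: store the first (reference) biometric data."""
        self.templates[bio_type] = frozenset(features)

    def match(self, bio_type: str, features: set, threshold: int):
        """Module 274 / steps 408-410.

        The predetermined threshold is a required count of matching features.
        Returns (matched, risk_factor): a high correlation gives a low risk
        factor, a low correlation a high one, as the page describes.
        """
        reference = self.templates.get(bio_type)
        if reference is None:
            raise KeyError(f"no registered {bio_type} biometric")
        common = len(reference & frozenset(features))
        correlation = common / max(len(reference), 1)
        return common >= threshold, round(1.0 - correlation, 3)

    def make_artifact(self, bio_type: str, matched: bool) -> dict:
        """Modules 276-278 / step 412: a per-instance artifact carrying the
        biometric type, the match outcome and its cryptographic value."""
        self.counter += 1
        body = {
            "device_id": self.device_id,
            "biometric_type": bio_type,
            "match": matched,
            "instance": self.counter,        # monotonic: lets the server spot replays
            "nonce": os.urandom(16).hex(),   # two artifacts are practically never identical
            "created": int(time.time()),
        }
        body["tag"] = artifact_tag(self.device_key, body)
        return body


if __name__ == "__main__":
    # Constructed sample input: feature labels standing in for a voice pass-phrase.
    store = BiometricStore("dev-1", device_key=os.urandom(32))
    store.register("voice", {"f1", "f2", "f3", "f4", "f5"})
    matched, risk_factor = store.match("voice", {"f1", "f2", "f3", "f4", "x"}, threshold=4)
    print(matched, risk_factor, store.make_artifact("voice", matched))
```

Two points a practitioner would check against this sketch. First, an HMAC is only unforgeable towards parties that do not hold the device key; because the server must hold the same key to verify, a compromised server (or anyone who extracts the key from the device) can mint artifacts, which is why a production device would sign with a hardware-backed asymmetric key instead. Second, the artifact as the page describes it carries only the biometric type and outcome; including an identifier of the specific authorization request in the tagged body is what would stop a captured artifact from being replayed with a different payment.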
At step 416, a connection is created from the consumer device 110 to the terminal 120 (e.g., via contactless reader) using a CDVM indicating that the first and second biometric of the user matched according to the predetermined threshold (i.e., the user is authenticated). In certain embodiments, step 416 may be performed any time after step 404, e.g. after the user registers and stores their biometric data on the consumer device. For example, when the user wishes to initiate a payment transaction to pay for groceries at a supermarket check-out line, a connection will be made between the consumer device 110 and the terminal 120 to facilitate the transaction.
At step 418, the merchant (terminal 120) sends transaction data to the payment processor network 140. The transaction data can include an indication of the CDVM and the authorization request message to request authorization to conduct an electronic payment transaction. The transaction data can further include an issuer account identifier. The issuer account identifier may be a payment card account identifier associated with a payment card. The authorization request message may request that an issuer of the payment card authorize a transaction. An authorization request message according to an embodiment of the invention may comply with ISO 8583, which is a standard for systems that exchange electronic transactions made by users using payment cards. Similar to step 416 described above, step 418 can occur after, or substantially simultaneously with, step 404.
At step 420, the server computer 300 receives the biometric digital artifact from the payment processor network 140. In step 422, the biometric digital artifact is verified and validated against previously recorded valid biometric digital artifacts in a template, as described above. The previously recorded valid biometric digital artifacts may be stored in the user fraud profile database 350.
At step 424, a risk score associated with the payment transaction is adjusted. As described above, the risk score may be based on a number of valid biometric digital artifacts received without fraudulent activity. Upon each subsequently received valid biometric digital artifact, the risk score module 366 (
At step 426, the result of the determination as to whether a valid biometric digital artifact was received is sent to the payment processor network 140 (or a server computer therein). The payment processor network 140 records the fact that the verification (i.e., authentication) has occurred. Subsequent transactions repeat this process (steps 406-418) and over time the biometric authentication process becomes increasingly trustworthy (e.g., low risk) provided that no fraudulent activity is associated with the biometric authentication process.
In some embodiments of the invention, the server computer in the payment processor network 140 may not record the fact that verification has occurred until a predetermined period of time has elapsed (e.g., more than 1, 3, or 5 days, or more than 1 month). It may hold the biometric digital artifact in a queue (described above) until the predetermined amount of time has elapsed. That is, the biometric digital artifact is not deemed valid by the server computer, and is not used to create a model for future authentication, until that period of time has elapsed. By doing so, it may be ensured that only biometric digital artifacts from the genuine user are used to create or add to a fraud model of the genuine user. If the authorized user has not reported the transaction as fraudulent after the period of time, then the transaction and the artifact are considered valid and the artifact and biometric sample can be used to update a model and/or user profile for the user for future transactions.
Upon the user placing their fingerprint on the biometric sensor 220 and registering their biometric data with the consumer device 110, the user and consumer device 110 are ready for subsequent payment transactions and their associated biometric authentication, as described above.
Upon the user placing their fingerprint on the biometric sensor 220 and authenticating their biometric data with the consumer device 110, the consumer device 110 may compare the first and second set of biometric data to determine whether the two match. The consumer device 110 may then create a biometric digital artifact based on the second biometric and send payment card data and the biometric digital artifact to the payment processor network 140.
The date attribute of the user fraud profile 350 indicates the date at which a user initiated a payment transaction with the consumer device 110.
The time attribute of the user fraud profile 350 indicates the time of day on the date at which the user initiated the particular payment transaction.
The user attribute of the user fraud profile 350 indicates the registered name for the genuine user. In this example, the registered name, "John Doe", is the same for every payment authorization request. It can be appreciated that the user fraud profile database 350 stores the recorded payment authorization requests for each user in a unique location within the database. Other locations within the database, not shown in this example, may contain fraud profiles for other users having a different name.
The digital artifact attribute of the user fraud profile 350 indicates the particular biometric digital artifact that was generated by the consumer device 110.
The first biometric digital artifact (stored on Jan. 4, 2012) is the generated value upon a user performing their first payment authorization request after registering with the consumer device 110.
As more biometric digital artifacts are received and stored, more comparison points for subsequently received biometric digital artifacts are available. For example, the ninth received biometric digital artifact (Dec. 24, 2012) may be compared against the previous eight stored biometric digital artifacts in order to determine its validity. In some embodiments, a number of received biometric digital artifacts may be used to create a biometric model of the user. For example, six of the received biometric digital artifacts may be used to create a biometric model of the user. Any subsequent received biometric digital artifact may be compared against the biometric model of the user.
The outcome attribute of the user fraud profile 350 indicates the outcome of the validation of the received biometric digital artifact. If the comparison of the received biometric digital artifact to previously stored and verified biometric digital artifacts in the template results in a valid comparison, the received biometric digital artifact will be considered verified and will be stored in the user fraud profile 350 for use in subsequent validations.
The risk score attribute of the user fraud profile 350 indicates a risk score associated with the particular payment transaction request. In this example, the risk score may be on a scale from 0-100, with 100 being the highest (most risk). The risk score is adjustable for each payment transaction request. As described above, the risk score module 366 (
As demonstrated in
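The server-computer side, covering steps 420 through 426 and the hold-period embodiment above together with the user fraud profile attributes just described, as an added example that is not part of the patent. It models the temporary biometric artifact queue 340 and its hold period, validation module 362, manipulation module 364, and the 0-100 risk score of module 366 including the transaction-level criteria (amount, location) listed earlier. Assumptions the page does not make: artifacts carry an HMAC-SHA256 tag over their canonical JSON under a per-device key the server holds (the same convention as the device-side example); "validation against previously recorded valid artifacts" is modelled as consistency checks (same device and biometric type as the user's history, strictly increasing instance counter, unseen nonce); the starting score, the score deltas and the names ServerComputer, FraudProfile, build_artifact, validate, receive and promote are all illustrative.

```python
# Added example, not from the patent: server computer 300 side, covering the
# temporary biometric artifact queue 340 and hold period, validation module 362
# (step 422), manipulation module 364, and the 0-100 risk score of module 366
# (step 424) with the transaction-level criteria. Assumptions: artifacts carry
# an HMAC-SHA256 tag over canonical JSON under a per-device key the server
# holds; template validation is modelled as consistency checks; score deltas
# are illustrative.
import hashlib
import hmac
import json
from dataclasses import dataclass, field

DAY = 24 * 3600


def artifact_tag(device_key: bytes, body: dict) -> str:
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(device_key, payload, hashlib.sha256).hexdigest()


def build_artifact(device_key, device_id, bio_type, matched, instance, nonce):
    """Stand-in for the consumer device, used only to feed the server below."""
    body = {"device_id": device_id, "biometric_type": bio_type, "match": matched,
            "instance": instance, "nonce": nonce, "created": 1_000_000 + instance}
    body["tag"] = artifact_tag(device_key, body)
    return body


@dataclass
class FraudProfile:
    """One user's rows in user fraud profile database 350."""
    user: str
    artifacts: list = field(default_factory=list)   # promoted, validated artifacts
    risk_score: int = 80                            # assumed start for a new user
    fraud_reported: bool = False


@dataclass
class ServerComputer:
    device_keys: dict                               # device_id -> key (assumed provisioning)
    hold_seconds: int = 3 * DAY                     # "e.g., more than 1, 3, 5 days"
    queue: list = field(default_factory=list)       # (user, artifact, received_at)
    profiles: dict = field(default_factory=dict)
    seen_nonces: set = field(default_factory=set)

    def _tag_ok(self, art: dict) -> bool:
        key = self.device_keys.get(art.get("device_id"))
        if key is None or "tag" not in art:
            return False
        body = {k: v for k, v in art.items() if k != "tag"}
        return hmac.compare_digest(artifact_tag(key, body), art["tag"])

    def validate(self, user: str, art: dict) -> bool:
        """Module 362 / step 422: accept only an authentic, unseen artifact that
        reports a match and is consistent with the user's promoted history."""
        prof = self.profiles.setdefault(user, FraudProfile(user))
        if not self._tag_ok(art) or art.get("match") is not True:
            return False
        if art["nonce"] in self.seen_nonces:          # replayed artifact
            return False
        if prof.artifacts:
            last = prof.artifacts[-1]
            same_origin = (art["device_id"], art["biometric_type"]) == \
                          (last["device_id"], last["biometric_type"])
            if not same_origin or art["instance"] <= last["instance"]:
                return False                          # different device/type or stale counter
        self.seen_nonces.add(art["nonce"])
        return True

    def receive(self, user, art, now, amount=0.0, far_from_billing=False):
        """Steps 420-426: validate, queue, and return (valid, transaction risk)."""
        prof = self.profiles.setdefault(user, FraudProfile(user))
        valid = self.validate(user, art)
        prof.risk_score = max(0, min(100, prof.risk_score + (-5 if valid else 10)))
        txn_risk = prof.risk_score + (10 if amount > 500 else 0) + (10 if far_from_billing else 0)
        if valid:
            self.queue.append((user, art, now))
        return valid, min(100, txn_risk)

    def promote(self, now) -> int:
        """Module 364: move artifacts whose hold period has elapsed into the
        profile, unless the user reported fraud meanwhile; returns the count."""
        promoted, remaining = 0, []
        for user, art, received_at in self.queue:
            prof = self.profiles[user]
            if prof.fraud_reported:
                continue                              # dropped, never joins the model
            if now - received_at >= self.hold_seconds:
                prof.artifacts.append(art)
                promoted += 1
            else:
                remaining.append((user, art, received_at))
        self.queue = remaining
        return promoted


if __name__ == "__main__":
    key = b"\x01" * 32                                # constructed key for the demo
    srv = ServerComputer(device_keys={"dev-1": key})
    first = build_artifact(key, "dev-1", "voice", True, 1, "nonce-1")
    print(srv.receive("John Doe", first, now=0, amount=40))     # fresh artifact accepted
    print(srv.receive("John Doe", first, now=10, amount=40))    # replay rejected
    print(srv.promote(now=3 * DAY), len(srv.profiles["John Doe"].artifacts))
```

The ordering inside validate matters: the tag is checked before the nonce is consulted and the nonce is only recorded once every check passes, so an attacker cannot burn nonces or poison the history with unauthenticated data. The per-transaction score adds the amount and location factors on top of the stored user score rather than into it, which keeps the stored score a function only of the artifact history, as the page describes.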
II. Exemplary Methods
Referring to
In step 416, a connection is created between the consumer device and a (POS) terminal. This connection may be created after the user has registered their biometric data (first biometric) with the consumer device. In step 418, the (POS) terminal sends the transaction data to the payment processor network for payment processing. The transaction data includes information pertinent to the particular transaction the user wishes to initiate the payment request authorization for.
It should be appreciated that the specific steps illustrated in
Referring to
It should be appreciated that the specific steps illustrated in
The software components or functions described in this application may be implemented as software code to be executed by one or more processors using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a computer-readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
The present invention can be implemented in the form of control logic in software or hardware or a combination of both. The control logic may be stored in an information storage medium as a plurality of instructions adapted to direct an information processing device to perform a set of steps disclosed in embodiments of the present invention. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will appreciate other ways and/or methods to implement the present invention.
In embodiments, any of the entities described herein may be embodied by a computer that performs any or all of the functions and steps disclosed.
Any recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.
One or more embodiments of the invention may be combined with one or more other embodiments of the invention without departing from the spirit and scope of the invention.
The above description is illustrative and is not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.
Claims
1. A method for authenticating a user for a transaction, comprising:
- receiving, by a processor, a first biometric data of a user;
- comparing, by the processor, the first biometric data with a second biometric data of the user stored on a device, wherein the first biometric data and the second biometric data comprise a user voice sample;
- determining, by the processor, from the comparison, whether the first biometric data and the second biometric data match according to a predetermined threshold, wherein the predetermined threshold indicates a number of matching biometric features between the first biometric data and the second biometric data; and
- creating, by the processor, a biometric digital artifact based on the first biometric data, wherein the biometric digital artifact includes information regarding a type of biometric data received and the determination.
2. The method of claim 1 further comprising registering the second biometric data on the device.
3. The method of claim 1 further comprising sending transaction information and the biometric digital artifact to a transaction processing network.
4. The method of claim 1 wherein the biometric digital artifact is a cryptographically generated value.
5. The method of claim 1 wherein the biometric data comprises a user fingerprint sample, a user voice sample, a user iris image sample, or a user face image sample.
6. A device for authenticating a user for a transaction, comprising:
- a processor; and
- a non-transitory computer-readable storage medium, comprising code executable by the processor for implementing a method comprising:
- receiving a first biometric data of a user;
- comparing the first biometric data with a second biometric data of the user stored on the device, wherein the first biometric data and the second biometric data comprise a user voice sample;
- determining, from the comparison, whether the first biometric data and the second biometric data match according to a predetermined threshold, wherein the predetermined threshold indicates the degree to which the first biometric data and the second biometric data match; and
- creating a biometric digital artifact based on the first biometric data, wherein the biometric digital artifact includes information regarding a type of biometric data received and the determination.
7. The device of claim 6 wherein the method further comprises registering the second biometric data on the device.
8. The device of claim 6 wherein the method further comprises sending information and the biometric digital artifact to a processing network.
9. The device of claim 6 wherein the biometric digital artifact is a cryptographically generated value.
10. The device of claim 6 wherein the biometric data comprises a user fingerprint sample, a user voice sample, a user iris image sample, or a user face image sample.
11. A method for authenticating a user for a transaction, comprising:
- receiving, by a device, transaction data and a biometric digital artifact, wherein the biometric digital artifact is generated by a consumer device and comprises information regarding a user voice sample, and a determination of a data match between a first biometric data of a user and a second biometric data of the user;
- holding, by a processor, the biometric digital artifact in a queue for a predetermined period of time;
- determining, by a processor, that the biometric digital artifact is valid;
- forwarding, by a processor, the biometric digital artifact to a database; and
- updating, by a processor, a user fraud profile within the database with the biometric digital artifact based on the determination.
12. The method of claim 11 further comprising sending a validation result based upon the determination, and transaction information to a transaction completion device to complete a transaction.
13. The method of claim 11 wherein the determining comprises verifying the biometric digital artifact against one or more valid biometric digital artifacts.
14. The method of claim 11 wherein the updating further comprises adjusting a risk score based on a number of valid biometric digital artifacts received without fraudulent activity.
15. The method of claim 11 wherein the biometric digital artifact is a cryptographically generated value.
16. A server for authenticating a user for a transaction, comprising:
- a processor; and
- a non-transitory computer-readable storage medium, comprising code executable by the processor for implementing a method comprising:
- receiving transaction data and a biometric digital artifact, wherein the biometric digital artifact is generated by a consumer device and comprises information regarding a user voice sample, and a determination of a data match between a first biometric data of a user and a second biometric data of the user;
- holding the biometric digital artifact in a queue for a predetermined period of time;
- determining that the biometric digital artifact is valid;
- forwarding the biometric digital artifact to a database; and
- updating a user profile within the database with the biometric digital artifact based on the determination.
17. The server of claim 16 wherein the method further comprises sending a validation result based upon the determination, and transaction information to a transaction completion device to complete a transaction.
18. The server of claim 16 wherein the determining comprises verifying the biometric digital artifact against one or more valid biometric digital artifacts.
19. The server of claim 16 wherein the updating further comprises adjusting a risk score based on a number of valid biometric digital artifacts received without fraudulent activity.
20. The server of claim 16 wherein the biometric digital artifact is a cryptographically generated value.
Type: Application
Filed: May 21, 2013
Publication Date: Oct 31, 2013
Patent Grant number: 9390445
Inventors: John F. Sheets (San Francisco, CA), Kim R. Wagner (Sunnyvale, CA)
Application Number: 13/899,496
International Classification: G06Q 30/06 (20120101);